<?php
namespace Admin\Controller;
use Think\Controller;
use Think\Auth;

class CommonController extends Controller {

    // 以后做验证
    public function _initialize(){
        if (empty($_SESSION['aid'])) {
            $this->redirect('Admin/Login/index');
        }
       //session存在时，不需要验证的权限
        $not_check = array('Index/index','Login/logout');
        
        //当前操作的请求                 模块名/方法名
        if(in_array(CONTROLLER_NAME.'/'.ACTION_NAME, $not_check)){
            return true;
        }

        // 下面代码动态判断权限  
        $auth = new Auth();  
        if(!$auth->check(CONTROLLER_NAME.'/'.ACTION_NAME,session('aid')) && session('aid') != 1){  
            $this->error('没有权限');  
        }

        //判断权限是否显示按钮
        $m = M('auth_rule');
        $field = 'id,name,title';
        $where['remark'] = '按钮';
        $where['status'] = 1;
        $list = $m->field($field)->where($where)->select();
        // var_dump($list);die;
        $auth = new \Think\Auth();
        foreach ($list as $k=>$v){
            if(!$auth->check($v['name'], session('aid')) && session('aid') != 1){
                $access[] = $v['name'];
            }
        }
            $this->assign('access',$access);
    }

}